Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7VAVi0PMABMDo6LvXQ_YWSeXdMQ.roa
File:                     7VAVi0PMABMDo6LvXQ_YWSeXdMQ.roa (raw, json)
Hash identifier:          TKRnb0fE5loSyBrkAZlWDQoYQFKxCv1+Qpt/Ia5U1LE=
Subject key identifier:   ED:50:15:8B:43:CC:00:13:03:A3:A2:EF:5D:0F:D8:59:27:97:74:C4
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B99E7A2046682880C4728C275EEEA040C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7VAVi0PMABMDo6LvXQ_YWSeXdMQ.roa
Signing time:             Sat 04 Nov 2023 10:36:16 +0000
ROA not before:           Sat 04 Nov 2023 10:36:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        195.133.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:99:e7:a2:04:66:82:88:0c:47:28:c2:75:ee:ea:04:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  4 10:36:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed50158b43cc001303a3a2ef5d0fd859279774c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bd:87:d5:0f:f8:2c:45:77:cd:c0:48:38:a0:
                    fb:92:67:13:68:84:78:63:db:ad:65:ee:34:ac:df:
                    64:1b:cb:61:c5:e5:25:a2:27:70:d8:81:a6:01:de:
                    f5:bf:6e:2a:30:89:fb:ea:8b:fc:d7:90:5a:e7:9e:
                    a7:c6:4f:f7:36:8d:92:56:e8:6b:89:3c:1a:55:29:
                    f6:b3:4e:0e:f2:c1:6b:21:15:fe:05:01:2f:91:40:
                    1f:54:26:11:68:08:c1:f1:78:87:ec:e4:40:0b:fb:
                    22:64:dd:33:23:b3:13:0d:b2:9f:53:63:33:5e:30:
                    f2:90:23:0d:18:3b:35:c9:38:6a:60:73:08:aa:65:
                    38:1b:71:09:b6:40:b9:1a:77:9e:af:15:c8:a2:e1:
                    9d:b8:97:fd:a6:2d:f9:23:1e:10:5c:7f:ce:73:a8:
                    b0:c0:76:cc:6e:c8:29:60:ab:9b:a0:9f:9d:0c:b5:
                    15:2d:21:b2:54:40:36:6b:e9:05:74:8d:99:1b:0b:
                    75:d8:66:cd:b8:30:4b:f0:47:0c:6d:3e:20:71:71:
                    ae:9a:b6:21:45:c2:ba:89:01:5c:4e:e2:16:9b:15:
                    c9:a7:b7:38:10:9e:b2:db:0a:ad:f0:b7:f7:fc:6f:
                    61:e5:e1:ee:5f:c8:ac:18:a2:02:00:c7:df:d2:f1:
                    12:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:50:15:8B:43:CC:00:13:03:A3:A2:EF:5D:0F:D8:59:27:97:74:C4
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7VAVi0PMABMDo6LvXQ_YWSeXdMQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:20:8f:ba:2d:c4:5b:2a:83:c9:a4:1a:3c:54:ae:c5:0b:15:
         0c:7d:7a:36:54:c1:96:e5:fd:0a:ac:9d:51:c4:62:75:c9:67:
         83:5f:89:42:b6:0c:cf:18:65:cf:51:f0:99:c3:8e:e2:74:e1:
         17:22:ff:6b:fc:8c:12:d0:e9:94:d7:95:68:24:70:5e:00:2b:
         59:1c:4d:5a:3a:ed:6e:ba:5a:51:1a:1a:61:df:62:c7:28:f4:
         7d:0f:f7:43:28:aa:7b:8c:88:69:91:a8:2b:2a:ae:33:b9:f8:
         66:b8:d8:39:51:98:66:87:6e:9a:a5:bf:8a:87:98:15:05:39:
         2e:33:81:d5:1d:4a:de:d2:16:64:84:53:a3:49:46:6a:6e:76:
         e4:c2:71:68:9a:23:6d:ca:26:a9:15:f5:7a:60:45:28:1a:c2:
         b3:15:3a:7c:01:2b:fb:ef:ce:51:4b:ec:06:34:10:68:e7:36:
         4c:39:f1:c8:b5:bf:9a:12:f7:1e:04:20:27:ed:0f:42:f1:5f:
         47:8b:f1:df:99:0f:da:fe:59:76:9c:99:d0:ce:1c:2b:78:23:
         46:35:b0:15:ab:95:a6:bd:c0:e2:b3:f7:50:ae:3a:73:e9:11:
         94:8d:f6:b8:21:a5:d9:f6:5b:e2:56:d2:8e:a5:e5:53:f2:13:
         a5:85:99:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuZ56IEZoKIDEcownXu6gQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTA0MTAzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDUwMTU4YjQzY2MwMDEzMDNhM2EyZWY1ZDBmZDg1OTI3OTc3NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb2H1Q/4LEV3zcBIOKD7kmcTaIR4
Y9utZe40rN9kG8thxeUloidw2IGmAd71v24qMIn76ov815Ba556nxk/3No2SVuhr
iTwaVSn2s04O8sFrIRX+BQEvkUAfVCYRaAjB8XiH7ORAC/siZN0zI7MTDbKfU2Mz
XjDykCMNGDs1yThqYHMIqmU4G3EJtkC5GneerxXIouGduJf9pi35Ix4QXH/Oc6iw
wHbMbsgpYKuboJ+dDLUVLSGyVEA2a+kFdI2ZGwt12GbNuDBL8EcMbT4gcXGumrYh
RcK6iQFcTuIWmxXJp7c4EJ6y2wqt8Lf3/G9h5eHuX8isGKICAMff0vESswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1QFYtDzAATA6Oi710P2Fknl3TEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN1ZBVmkwUE1BQk1EbzZMdlhRX1lXU2VYZE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UJMA0G
CSqGSIb3DQEBCwUAA4IBAQAkII+6LcRbKoPJpBo8VK7FCxUMfXo2VMGW5f0KrJ1R
xGJ1yWeDX4lCtgzPGGXPUfCZw47idOEXIv9r/IwS0OmU15VoJHBeACtZHE1aOu1u
ulpRGhph32LHKPR9D/dDKKp7jIhpkagrKq4zufhmuNg5UZhmh26apb+Kh5gVBTku
M4HVHUre0hZkhFOjSUZqbnbkwnFomiNtyiapFfV6YEUoGsKzFTp8ASv7785RS+wG
NBBo5zZMOfHItb+aEvceBCAn7Q9C8V9Hi/HfmQ/a/ll2nJnQzhwreCNGNbAVq5Wm
vcDis/dQrjpz6RGUjfa4IaXZ9lviVtKOpeVT8hOlhZk3
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org